wivers Posted December 5, 2008 Posted December 5, 2008 add this 2 your header You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. Quote
Guest Sniko` Posted December 5, 2008 Posted December 5, 2008 Re: another sql protection to help You obviosly didnt code this as you just got back into coding Quote
wivers Posted December 5, 2008 Author Posted December 5, 2008 Re: another sql protection to help You obviosly didnt code this as you just got back into coding i didnt say i did but i dnt know ho did so i didnt say i found it on ej.am Quote
Vortex Posted December 5, 2008 Posted December 5, 2008 Re: [mccode] another sql protection to help Using mysql_real_escape_string() in this way can still be subverted, permitting injection of unwarranted SQL. Consider where MySQL comes from... Quote
ColdK Posted December 6, 2008 Posted December 6, 2008 Re: [mccode] another sql protection to help been posted and removed before when nyna seen it :| Quote
Zero-Affect Posted December 6, 2008 Posted December 6, 2008 Re: [mccode] another sql protection to help i always assumed it worked like You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. Quote
Eternal Posted December 6, 2008 Posted December 6, 2008 Re: [mccode] another sql protection to help lol As it has been noted before there isn't much of a way to secure a site from sql injections.. All that can be said is secure every input, GET's , POST's and help prevent it . most people use mysql_real_escape_string($content); or mysql_real_escape_string(strip_tags($content)); just To cut down on user inputs... Also this You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. You are not telling what you are doing all that will do is sit in the header and do nothing You havent told us that we need to include this on every page like cleanIncomingData($idata); or checkIncomingData($idata, $minsize, $maxsize); Quote
Zero-Affect Posted December 6, 2008 Posted December 6, 2008 Re: [mccode] another sql protection to help i don't think You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. will work mate im sure it would need You're unable to view this code. Viewing code within this forum requires registration, you can register here for free. Quote
Eternal Posted December 6, 2008 Posted December 6, 2008 Re: [mccode] another sql protection to help LAWL Was pointing an example.. i am still learning that at this current moment.. Quote
Zero-Affect Posted December 6, 2008 Posted December 6, 2008 Re: [mccode] another sql protection to help LAWL Was pointing an example.. i am still learning that at this current moment.. Was only pointing out you're mistake to help you in the future :lol: Quote
***ryan*** Posted December 6, 2008 Posted December 6, 2008 Re: [mccode] another sql protection to help i have seen this somwhere b4 not sure where lol :wink: Quote
Saha Posted December 7, 2008 Posted December 7, 2008 Re: [mccode] another sql protection to help I have also seen this on ej.am it also does not secure your site. ej.am is full of people who didnt even know you needed to code your own game i suggest in the future you dont use anything which says it will protect your site because 90% of the time it wont. Quote
POG1 Posted December 7, 2008 Posted December 7, 2008 Re: [mccode] another sql protection to help content = preg_replace("/[^a-zA-Z0-9]/","",strip_tags(trim($content))) what about something like that? Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.